Brian Baskin is a security professional who specializes in digital forensics and incident response and has worked for over 15 years to help secure enterprise and federal government environments.
Brian is an active incident responder, malware analyst, reverse engineer, and forensic analyst. He has worked incident responses for RSA Security, as well as Newberry Group, cmdLabs, and CSC. He first encountered the APT threat in the middle of an exfil in 2004, before it was cool. He has completed hundreds of official forensic examinations that include active compromises of entire networks and continuing threats against Defense contractors. He has worked with international law enforcement agencies to analyze seized hackers' systems to correlate back to large-scale attacks, and has documented the evolution of custom malware encryption routines over the course of half a decade. His work has been commented upon on the front page of news media, though his role will continue to remain anonymous and undisclosed.
Brian spent over a decade developing secure and effective incident response techniques to teach to military and federal law enforcement agents as part of the Defense Cyber Investigations Training Academy (DCITA). He trained FBI Computer Analysis Response Team (CART) agents, developed specialized procedures for the Maryland State Police, and consulted with the US Secret Service. He developed training for Linux and Solaris incident response and network intrusions, beginning his career in the age of SafeBack, Maresware, and The Coroner's Toolkit.
Brian was a subject matter expert in the development of the Introduction to Securing Law Enforcement Networks for the National White Collar Crime Center (NW3C), as well as the Internet Investigations Training Program for the Federal Law Enforcement Training Center (FLETC). In a class on online undercover techniques, he once used one of his own decade-old online handles as a test of OSINT abilities only to have a law enforcement student’s efforts open an investigation into him. He was the principal developer and manager for the initial creation of content for the US Secret Service’s National Computer Forensic Institute’s opening. He is a Navy Plankowner for his work in developing a brand new online education system for military use.
In his early years, Brian was a BBS enthusiast, running a Renegade board in the 609 while developing door games and tinkering with ANSI art. He has programmed in QBASIC, batch, bash, REXX, TCL/TK, C, C11, Pascal, JavaScript, and Python. He continues to use Python to develop security tools and custom scripts for incident response.